-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Hi Debian Apache Developers and Maintainers,
Yeah, the disappearing of the apache2-ssl-certificate script may not
very useful especially for novices in Debian GNU/Linux.
It's main parts were:
export RANDFILE=/dev/random
openssl req $@ -config /usr/share/apache2/ssleay.cnf \
-new -x509 -nodes -out /etc/apache2/ssl/apache.pem \
-keyout /etc/apache2/ssl/apache.pem
chmod 600 /etc/apache2/ssl/apache.pem
You may like to specify days:
export RANDFILE=/dev/random
openssl req $@ -config /usr/share/apache2/ssleay.cnf \
-new -x509 -days 365 -nodes -out /etc/apache2/ssl/apache.pem \
-keyout /etc/apache2/ssl/apache.pem
chmod 600 /etc/apache2/ssl/apache.pem
Best Regards, Jan
less /usr/sbin/apache2-ssl-certificate
#!/bin/sh -e
if [ $1 != --force -a -f /etc/apache2/ssl/apache.pem ]; then
echo /etc/apache2/ssl/apache.pem exists! Use \$0 --force.\
exit 0
fi
if [ $1 = --force ]; then
shift
fi
echo
echo creating selfsigned certificate
echo replace it with one signed by a certification authority (CA)
echo
echo enter your ServerName at the Common Name prompt
echo
echo If you want your certificate to expire after x days call this programm
echo with -days x
# use special .cnf, because with normal one no valid selfsigned
# certificate is created
export RANDFILE=/dev/random
openssl req $@ -config /usr/share/apache2/ssleay.cnf \
-new -x509 -nodes -out /etc/apache2/ssl/apache.pem \
-keyout /etc/apache2/ssl/apache.pem
chmod 600 /etc/apache2/ssl/apache.pem
ln -sf /etc/apache2/ssl/apache.pem \
/etc/apache2/ssl/`/usr/bin/openssl \
x509 -noout -hash /etc/apache2/ssl/apache.pem`.0
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.5 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
iD8DBQFFU0k1ca7jn0i2Qn4RAujvAJ9XBJ9nJ2yGKpGcVdC1uk3zbMs/sQCbByxe
AEv5A+LBhtkTvKtnhpMoYoA=
=rwkS
-END PGP SIGNATURE-
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
